In computing, the Java Debug Wire Protocol (JDWP) is a
communication protocol
A communication protocol is a system of rules that allows two or more entities of a communications system to transmit information via any kind of variation of a physical quantity. The protocol defines the rules, syntax, semantics and synchroniza ...
which is part of the
Java Platform Debugger Architecture
The Java Platform Debugger Architecture (JPDA) is a collection of APIs to debug Java code.
* Java Debugger Interface (JDI) – defines a high-level Java language interface that developers can easily use to write remote debugger application tools.
...
. It is used for communication between a
debugger
A debugger or debugging tool is a computer program used to test and debug other programs (the "target" program). The main use of a debugger is to run the target program under controlled conditions that permit the programmer to track its execut ...
and the
Java Virtual Machine
A Java virtual machine (JVM) is a virtual machine that enables a computer to run Java programs as well as programs written in other languages that are also compiled to Java bytecode. The JVM is detailed by a specification that formally describ ...
, which it
debug
In computer programming and software development, debugging is the process of finding and resolving ''bugs'' (defects or problems that prevent correct operation) within computer programs, software, or systems.
Debugging tactics can involve int ...
s. It allows to debug processes on a different computer. It can work over a
network socket
A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programmin ...
or through
shared memory
In computer science, shared memory is memory that may be simultaneously accessed by multiple programs with an intent to provide communication among them or avoid redundant copies. Shared memory is an efficient means of passing data between progr ...
.
The protocol is implemented in the
software library
In computer science, a library is a collection of non-volatile resources used by computer programs, often for software development. These may include configuration data, documentation, help data, message templates, pre-written code and sub ...
libjdwp.
It can be activated using the
-Xrunjdwp parameter of
Java
Java (; id, Jawa, ; jv, ꦗꦮ; su, ) is one of the Greater Sunda Islands in Indonesia. It is bordered by the Indian Ocean to the south and the Java Sea to the north. With a population of 151.6 million people, Java is the world's mo ...
. The default
TCP port used for the protocol is 8000.
Metasploit
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
...
includes a module for JDWP. It can exploit it using various scripts, which have functions such as
injecting a Java class that executes a
shell
Shell may refer to:
Architecture and design
* Shell (structure), a thin structure
** Concrete shell, a thin shell of concrete, usually with no interior columns or exterior buttresses
** Thin-shell structure
Science Biology
* Seashell, a hard o ...
command, returns
operating system
An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs.
Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
details or injects an arbitrary class.
References
External links
Java Debug Wire Protocol - Java SE DocumentationHacking the Java Debug Wire Protocolby
IOActive
Patent US20110138359A1 - Modified implementation of java debug wire protocolJDWP Misconfiguration in Container Images and K8s
Debugging
Communications protocols
Java (programming language)
{{Programming-software-stub